US20050172280A1 - System and method for preintegration of updates to an operating system - Google Patents

System and method for preintegration of updates to an operating system Download PDF

Info

Publication number
US20050172280A1
US20050172280A1 US10/766,984 US76698404A US2005172280A1 US 20050172280 A1 US20050172280 A1 US 20050172280A1 US 76698404 A US76698404 A US 76698404A US 2005172280 A1 US2005172280 A1 US 2005172280A1
Authority
US
United States
Prior art keywords
operating system
update
files
system
updates
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/766,984
Inventor
Jeremy Ziegler
Bruce Zabava
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dell Products LP
Original Assignee
Dell Products LP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dell Products LP filed Critical Dell Products LP
Priority to US10/766,984 priority Critical patent/US20050172280A1/en
Assigned to DELL PRODUCTS L.P. reassignment DELL PRODUCTS L.P. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ZABAVA, BRUCE A., ZIEGLER, JEREMY R.
Publication of US20050172280A1 publication Critical patent/US20050172280A1/en
Application status is Abandoned legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Abstract

An operating system has security updates preintegrated to reduce vulnerability of the operating system to malicious programs, such as worms. Preintegration writes update files over corresponding operating system files before boot of the operating system so that malicious programs are not provided an opportunity to attack the operating system during a post-boot security update. An update package extracts update files, such as QFE files, and prepares the update files within a file and directory structure corresponding to the operating system. An overwrite engine running on an alternative operating system writes the update files to the operating system so that the operating system boots secure from attack by worms that the updates are intended to prevent.

Description

    BACKGROUND OF THE INVENTION
  • 1. Field of the Invention
  • The present invention relates in general to the field of updates to an information handling system operating system, and more particularly to a system and method for preintegration of updates to a post-configured operating system image.
  • 2. Description of the Related Art
  • As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
  • Information handling systems generally rely on operating systems, such as the WINDOWS operating system sold by MICROSOFT, to coordinate operations of the various hardware and software components. To maintain operating systems as current as possible with respect to changes in hardware and software components, operating system manufacturers often issue updates, commonly known as patches, that correct problem areas until a new operating system version is released. For instance, MICROSOFT issues Quick Fix Engineering (QFE) releases that update WINDOWS when issues arise that require more immediate attention. One common reason for the issue of a QFE is to correct security vulnerabilities that are periodically uncovered. A variety of malicious programs, known as viruses, attack security vulnerabilities through the Internet to invade and sometimes even destroy information handling systems. One particularly disruptive type of virus is known as a worm. Once a worm infects an information handling system, it quickly spreads to other information handling systems and automatically multiplies by attacking a security vulnerability to sometimes create such heavy network traffic that networks attacked by the worm fail. Information handling systems that receive security updates via QFEs are protected from attack by worms that attack the updated vulnerability.
  • Although a QFE prevents worms from attacking a vulnerability updated by the QFE, information handling systems that fail to implement the QFE remain vulnerable. For example, information handling systems loading a new operating system remain vulnerable after initial boot of the operating system until a QFE engine installs the QFE. Typically, a new copy of WINDOWS includes a QFE package and install engine provided with an update CD or by download from an Internet site that update the operating system against known security vulnerabilities. However, in order to install the QFE, the native operating system generally must boot and become operational to run the install engine, thus leaving the operating system vulnerable to worms that the updates are intended to prevent until after the install engine runs. Information handling system manufacturers often create images of the operating system that are copied directly to hard disc drives of manufactured information handling systems. Copying an operating system image saves time by eliminating individual installations of the operating system on each manufactured information handling system, however, if the operating system image includes a worm or other virus, then each information handling system manufactured with the image will spread the worm or virus.
  • SUMMARY OF THE INVENTION
  • Therefore a need has arisen for a system and method which protects an operating system from attack of a security vulnerability due to the operational state of the operating system as the security update is performed.
  • In accordance with the present invention, a system and method are provided which substantially reduce the disadvantages and problems associated with previous methods and systems for performing operating system security updates. Update files are written over corresponding operating system files so that the update takes effect on initial boot of the operating system without having to wait for the operating system to install the updates.
  • More specifically, an update package engine extracts update files from an update, such as a QFE, and places the update files in a file and directory structure to replace corresponding operating system files. An operating system preparation engine creates a base image with the primary source file removed and the update file and directory structure aligns the overwriting of corresponding secondary source files. An overwrite engine operating on an alternative operating system writes the update files over the corresponding operating system files and boots the operating system with the update files preintegrated. After boot, the update installer registers the update with the operating system and an operating system image creation engine prepares an image of the operating system for use in manufacture of information handling systems.
  • The present invention provides a number of important technical advantages. One example of an important technical advantage is that an operating system has its security updates performed before the operating system is vulnerable to attack by viruses and worms. In a manufacturing environment, an operating system image is created that has security updates installed before boot of the operating system that becomes the image. Preintegration of the security updates to a post-configured operating system image protects against unintentional propagation of known viruses and worms. The secure operating system image reduces the risk of disruption of the manufacturing environment by preventable viruses or worms.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The present invention may be better understood, and its numerous objects, features and advantages made apparent to those skilled in the art by referencing the accompanying drawings. The use of the same reference number throughout the several figures designates a like or similar element.
  • FIG. 1 depicts a block diagram of an update preintegration engine for preintegration of updates to an operating system; and
  • FIG. 2 depicts a process for preintegration of updates into an operating system.
  • DETAILED DESCRIPTION
  • An update to an information handling system operating system is preintegrated into the operating system to reduce vulnerability to malicious programs. Update files are written over corresponding operating system files so that the update takes effect on initial boot of the operating system without having to wait for the operating system to install the updates. For purposes of this disclosure, an information handling system may include any instrumentality or aggregate of instrumentalities operable to compute, classify, process, transmit, receive, retrieve, originate, switch, store, display, manifest, detect, record, reproduce, handle, or utilize any form of information, intelligence, or data for business, scientific, control, or other purposes. For example, an information handling system may be a personal computer, a network storage device, or any other suitable device and may vary in size, shape, performance, functionality, and price. The information handling system may include random access memory (RAM), one or more processing resources such as a central processing unit (CPU) or hardware or software control logic, ROM, and/or other types of nonvolatile memory. Additional components of the information handling system may include one or more disk drives, one or more network ports for communicating with external devices as well as various input and output (I/O) devices, such as a keyboard, a mouse, and a video display. The information handling system may also include one or more buses operable to transmit communications between the various hardware components.
  • Referring now to FIG. 1, a block diagram depicts an information handling system 10 that prepares an operating system 12, such as WINDOWS, for use as an image for manufacture of similarly configured information handling systems. Operating system 12 initially is in a non-operative mode with information handling system 10 operating under alternative operating system 14, such as DOS, Linux or WinPE. For instance, alternative operating system 14 is downloaded to information handling system 10 through a PXE client and then downloads operating system 12 from an update preintegration installation server 16.
  • Update preintegration server 16 includes an operating system preparation engine 18 that prepares operating system 12 as a base image having its primary source file removed. For instance, with the WINDOWS operating system, operating system preparation engine 18 completely removes the DLLCACHE, which is the primary reference for the operating system to replace native files. In addition, operating system preparation engine 18 directs operating system 12 to a local directory for its second source for native files. The operating system base image as prepared by operating system preparation engine 18 is stored in local permanent memory of information handling system, such as a hard disc drive, as operating system 12.
  • Update preintegration server 16 also includes an update package engine 20 which retrieves operating system updates, such as QFEs, from an operating system updates database 22. Update package engine 20 extracts updated operating system files from the updates and packages the updated operating system files in an update package 24 that is downloaded to information handling system 10 to directly replace corresponding files in operating system 12 before booting of operating system 12. Update package 24 replaces the files in the directory of operating system 12 that operating system 12 utilizes directly, and also replaces the files in the second source, such as I386 files, if operating system 12 tries to replace the files in the directory with second source files. Update package engine 20 provides with update package 24 an overwrite engine 28 that runs on alternative operating system 14 to write the updated files over the corresponding operating system 12 files and second source files. Update package engine 20 includes the digital signature files associate with the update files to ensure that operating system 12 will recognize the update files as digitally signed. Update package engine 20 also includes the update installer 26 associated with the update files so that update installer 26 registers the update with the operating system.
  • Once information handling system 10 is operating with alternative operating system 14, overwrite engine 28 executes to write the updated files of update package 24 over the corresponding files of operating system 12. Upon completing the overwrite, operating system 12 boots in a normal sequence by loading onto the processing components of information handling system 10, loading drivers for the components of information handling system 10 and initiating update installer 26. Because overwrite engine 28 has already written the updated files to operating system 10, security vulnerabilities that were addressed by the updates are enforced even before update installer 26 is able to run to replace the primary and secondary source files, which in the case of WINDOWS are the I386 and DLLCACHE files. In one embodiment, update package engine 20 selects only updates associated with correction of security vulnerabilities, such as worms, for inclusion in update package 24 and allows update installer 26 to install non-security updates after boot of operating system 12. Once operating system 12 is booted, an operating system image creation engine 30 copies operating system 12 to create a secure operating system image 32 for use in manufacture of information handling systems. Secure operating system image 32 is protected from worm infection by enforcement of updates from the initial boot of operating system 12. In alternative embodiments, a secure operating system may be deployed for normal use as described above to reduce the risk of virus infection, such as when a user installs a new operating system on an existing information handling system
  • Referring now to FIG. 2, a process is depicted for the secure creation of an operating system with preintegrated updates. The process begins at step 40 with the creating of an operating system base image having the primary source file removed, such as the DLLCACHE of WINDOWS. At step 42, the update is packaged with a file and directory structure that replaces operating system files with corresponding updated files extracted from one or more operating system updates. The update also replaces secondary source files with the updated files to preclude the operating system from calling up secondary files vulnerable to attack. At step 44 the update files are written over the corresponding operating system and second source files under an alternative operating system before boot of the operating system that is receiving the update. At step 46, the update install utility, such as the QFE utility provided by MICROSOFT, is loaded on the information handling system to run after boot of the updated operating system so that the update is registered. At step 48, the updated operating system is booted secure from infection by worms or other malicious programs that the updates cover. At step 50, the process completes with execution of the install utility to register the update with the operating system. If additional updates remain for installation, the update install utility installs the additional updates in a conventional manner to have an updated operating system brought to a running state in a secure environment.
  • Although the present invention has been described in detail, it should be understood that various changes, substitutions and alterations can be made hereto without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (20)

1. A system for creating an operating system image, the image having preintegrated updates, the system comprising:
an operating system preparation engine operable to remove the operating system source file;
an update package engine operable to package one or more updates for integration with the operating system, each update having one or more files, the update package engine extracting the update files and assigning file and directory structures to the update files that replace corresponding files in the operating system directory;
an overwrite engine operable to write the packaged update files over the corresponding operating system files; and
an install engine operable to register the update with the operating system on initial boot of the operating system.
2. The system of claim 1 further comprising an alternative operating system operable to support the operation of the overwrite engine to write update files over the operating system files.
3. The system of claim 1 wherein the operating system has a primary and a secondary source files, the operating system preparation engine further operable to remove the primary source file, the update package engine further operable to identify an update source file and to assign the update source file to overwrite the corresponding secondary source file.
4. The system of claim 3 wherein the primary source file comprises the DLLCACHE and the secondary source file comprise I386.
5. The system of claim 1 wherein the update package engine is further operable to identify and select security updates for packaging.
6. The system of claim 5 wherein the security updates comprise updates operable to address a security vulnerability associated with worms.
7. The system of claim 1 wherein the updates comprise QFEs.
8. The system of claim 7 wherein the QFEs have digital signature files, the update package engine further operable to include the digital signature files with the update files.
9. The system of claim 1 further comprising an operating system image creation engine operable to copy the booted operating system as an image for use in manufacture of information handling systems.
10. A method for creating an operating system image, the image having integrated updates, the method comprising:
removing the source file of the operating system;
extracting an update file from an operating system update;
writing the update file over a corresponding operating system file;
booting the operating system; and
registering the update with the operating system.
11. The method of claim 10 wherein the operating system comprises a primary source file and a secondary source file and wherein:
removing the source file further comprises removing the primary source file; and
writing the update file further comprises writing a source file update over the secondary source file.
12. The method of claim 11 wherein the primary source file comprises DLLCACHE and the secondary source file comprises I386.
13. The method claim 10 wherein the update comprises a QFE.
14. The method of claim 10 wherein extracting an update file further comprises extracting a signature file to support recognition of the update file by the operating system.
15. The method of claim 10 further comprising running an alternate operating system to perform the removing, extracting and writing.
16. The method of claim 10 further comprising:
imaging the booted operating system; and
using the image to manufacture information handling systems.
17. The method of claim 10 further comprising:
identifying a plurality of updates as security updates and non-security updates;
selecting the security updates for the extracting and writing; and
installing the non-security updates after boot of the operating system.
18. The method of claim 17 wherein the security updates are patches to protect worm vulnerabilities.
19. An information handling system comprising:
an operating system having plural files, the operating system in a non-operational state;
an alternative operating system operable to support operation of the information handling system;
an update package supported by the alternative operating system, the update package having one or more update files for integration with the operating system, the update files having a file and directory structure aligned to replace corresponding files in the operating system;
an overwrite engine operable to write the update files over the corresponding operating system files to preintegrate the update files in the operating system.
20. The information handling system of claim 19 further comprising an operating system image creation engine operable to:
boot the operating system; and
copy an image of the booted operating system for use in manufacture of information handling systems.
US10/766,984 2004-01-29 2004-01-29 System and method for preintegration of updates to an operating system Abandoned US20050172280A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US10/766,984 US20050172280A1 (en) 2004-01-29 2004-01-29 System and method for preintegration of updates to an operating system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/766,984 US20050172280A1 (en) 2004-01-29 2004-01-29 System and method for preintegration of updates to an operating system

Publications (1)

Publication Number Publication Date
US20050172280A1 true US20050172280A1 (en) 2005-08-04

Family

ID=34807621

Family Applications (1)

Application Number Title Priority Date Filing Date
US10/766,984 Abandoned US20050172280A1 (en) 2004-01-29 2004-01-29 System and method for preintegration of updates to an operating system

Country Status (1)

Country Link
US (1) US20050172280A1 (en)

Cited By (67)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060069755A1 (en) * 2004-08-31 2006-03-30 Luosheng Peng Maintaining mobile device electronic files
US20070143844A1 (en) * 2005-09-02 2007-06-21 Richardson Ric B Method and apparatus for detection of tampering attacks
US20070192322A1 (en) * 2006-01-31 2007-08-16 Dell Products L.P. Porting security application preferences from one system to another
US20080104573A1 (en) * 2006-10-25 2008-05-01 Microsoft Corporation Software build validation before check-in
US20080189697A1 (en) * 2007-02-05 2008-08-07 Microsoft Corporation Updating a virtual machine monitor from a guest partition
US20080229301A1 (en) * 2007-03-15 2008-09-18 Locker Howard J Out-of-band patch management system
CN100437420C (en) 2005-09-30 2008-11-26 联想(北京)有限公司 Computer system and its safety encryption
US20080320607A1 (en) * 2007-06-21 2008-12-25 Uniloc Usa System and method for auditing software usage
US20090083730A1 (en) * 2007-09-20 2009-03-26 Richardson Ric B Installing Protected Software Product Using Unprotected Installation Image
US20090150674A1 (en) * 2007-12-05 2009-06-11 Uniloc Corporation System and Method for Device Bound Public Key Infrastructure
US20090217378A1 (en) * 2008-02-27 2009-08-27 Microsoft Corporation Boot Time Remediation of Malware
US20090217384A1 (en) * 2008-02-22 2009-08-27 Etchegoyen Craig S License Auditing for Distributed Applications
US20090327070A1 (en) * 2008-06-25 2009-12-31 Uniloc Usa, Inc. System and Method for Monitoring Efficacy of Online Advertising
US20100257214A1 (en) * 2009-03-18 2010-10-07 Luc Bessette Medical records system with dynamic avatar generator and avatar viewer
US20100312702A1 (en) * 2009-06-06 2010-12-09 Bullock Roddy M System and method for making money by facilitating easy online payment
US20100325423A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Securing an Electronic Communication
US20100325424A1 (en) * 2009-06-19 2010-12-23 Etchegoyen Craig S System and Method for Secured Communications
US20100321208A1 (en) * 2009-06-23 2010-12-23 Craig Stephen Etchegoyen System and Method for Emergency Communications
US20100325711A1 (en) * 2009-06-23 2010-12-23 Craig Stephen Etchegoyen System and Method for Content Delivery
US20100325149A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Auditing Software Usage
US20100325025A1 (en) * 2009-06-22 2010-12-23 Etchegoyen Craig S System and Method for Sharing Media
US20100325735A1 (en) * 2009-06-22 2010-12-23 Etchegoyen Craig S System and Method for Software Activation
US20100324981A1 (en) * 2009-06-22 2010-12-23 Etchegoyen Craig S System and Method for Media Distribution on Social Networks
US20100325040A1 (en) * 2009-06-23 2010-12-23 Craig Stephen Etchegoyen Device Authority for Authenticating a User of an Online Service
US20100325200A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Software Activation Through Digital Media Fingerprinting
US20100325431A1 (en) * 2009-06-19 2010-12-23 Joseph Martin Mordetsky Feature-Specific Keys for Executable Code
US20100325446A1 (en) * 2009-06-19 2010-12-23 Joseph Martin Mordetsky Securing Executable Code Integrity Using Auto-Derivative Key
US20100325051A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Piracy Reduction in Software Activation
US20100324989A1 (en) * 2009-06-23 2010-12-23 Craig Stephen Etchegoyen System and Method for Monitoring Efficacy of Online Advertising
US20100332331A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Systems and Methods for Providing an Interface for Purchasing Ad Slots in an Executable Program
US20100333207A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Systems and Methods for Auditing Software Usage Using a Covert Key
US20100332319A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Methods and Systems for Dynamic Serving of Advertisements in a Game or Virtual Reality Environment
US20100333081A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Remote Update of Computers Based on Physical Device Recognition
US20100332267A1 (en) * 2009-06-24 2010-12-30 Craig Stephan Etchegoyen System and Method for Preventing Multiple Online Purchases
US20100332396A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Use of Fingerprint with an On-Line or Networked Auction
US20110010560A1 (en) * 2009-07-09 2011-01-13 Craig Stephen Etchegoyen Failover Procedure for Server System
US20110009092A1 (en) * 2009-07-08 2011-01-13 Craig Stephen Etchegoyen System and Method for Secured Mobile Communication
US20110078293A1 (en) * 2009-09-30 2011-03-31 Phung Hai T Systems and methods for extension of server management functions
US20110082757A1 (en) * 2009-06-06 2011-04-07 Bullock Roddy Mckee Method for making money on internet news sites and blogs
US20110093701A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S Software Signature Tracking
US20110093474A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S System and Method for Tracking and Scoring User Activities
US20110093503A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S Computer Hardware Identity Tracking Using Characteristic Parameter-Derived Data
US20110093920A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S System and Method for Device Authentication with Built-In Tolerance
US20110150315A1 (en) * 2009-12-17 2011-06-23 Bendixen Rudolf V Replacement of Build to Order Parts with Post Configured Images in any Manufacturing Environment
US8284929B2 (en) 2006-09-14 2012-10-09 Uniloc Luxembourg S.A. System of dependant keys across multiple pieces of related scrambled information
US8423473B2 (en) 2009-06-19 2013-04-16 Uniloc Luxembourg S. A. Systems and methods for game activation
US8438394B2 (en) 2011-01-14 2013-05-07 Netauthority, Inc. Device-bound certificate authentication
US20130263105A1 (en) * 2012-03-30 2013-10-03 Lenovo (Singapore) Pte. Ltd. Methods for facilitating updates at an information handling device
US20130268743A1 (en) * 2012-03-30 2013-10-10 Lenovo (Singapore) Pte. Ltd. Methods for customizing an operating system at an information handling device
US8566960B2 (en) 2007-11-17 2013-10-22 Uniloc Luxembourg S.A. System and method for adjustable licensing of digital products
US20140020104A1 (en) * 2005-05-16 2014-01-16 Microsoft Corporation System and Method of Opportunistically Protecting a Computer from Malware
US8726407B2 (en) 2009-10-16 2014-05-13 Deviceauthority, Inc. Authentication of computing and communications hardware
US8736462B2 (en) 2009-06-23 2014-05-27 Uniloc Luxembourg, S.A. System and method for traffic information delivery
US8812701B2 (en) 2008-05-21 2014-08-19 Uniloc Luxembourg, S.A. Device and method for secured communication
US8832369B2 (en) 2010-10-27 2014-09-09 Dell Products, Lp Systems and methods for remote raid configuration in an embedded environment
US8838976B2 (en) 2009-02-10 2014-09-16 Uniloc Luxembourg S.A. Web content access using a client device identifier
US8838848B2 (en) 2012-09-14 2014-09-16 Dell Products Lp Systems and methods for intelligent system profile unique data management
US20140337985A1 (en) * 2013-05-08 2014-11-13 Jorge Enrique Muyshondt Security in Digital Manufacturing Systems
US8903653B2 (en) 2009-06-23 2014-12-02 Uniloc Luxembourg S.A. System and method for locating network nodes
US9047458B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Network access protection
US9047450B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Identification of embedded system devices
US9081747B1 (en) 2012-03-06 2015-07-14 Big Bang Llc Computer program deployment to one or more target devices
US9146812B2 (en) 2012-02-03 2015-09-29 Dell Products Lp Systems and methods for out-of-band backup and restore of hardware profile information
US9182970B2 (en) 2012-03-30 2015-11-10 Lenovo (Singapore) Pte. Ltd. Methods for creating device preload via manufacturing and cloud content
US9633183B2 (en) 2009-06-19 2017-04-25 Uniloc Luxembourg S.A. Modular software protection
US10200345B2 (en) 2013-10-29 2019-02-05 Uniloc 2017 Llc Electronic mail sender verification
US10242198B2 (en) 2015-12-03 2019-03-26 Garrison Technology Ltd Secure booting of a computing system based on write request and power-up management

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020069353A1 (en) * 2000-12-01 2002-06-06 Smith R. Doug Automated device driver installation
US6473771B1 (en) * 2000-03-27 2002-10-29 Microsoft Corporation Method of integrating application programs to form or modify suite, and a suite integration toolkit to perform same
US6543004B1 (en) * 1999-07-29 2003-04-01 Hewlett-Packard Development Company, L.P. Method and apparatus for archiving and restoring data
US20040034848A1 (en) * 2002-08-09 2004-02-19 Eric Moore Rule engine
US20040034849A1 (en) * 2002-06-17 2004-02-19 Microsoft Corporation Volume image views and methods of creating volume images in which a file similar to a base file is stored as a patch of the base file
US6698018B1 (en) * 2000-05-10 2004-02-24 Microsoft Corporation System and method of multiple-stage installation of a suite of applications
US6934881B2 (en) * 2000-10-06 2005-08-23 Hewlett-Packard Development Company, L.P. Memory including portion storing a copy of primary operating system and method of operating computer including the memory
US7000230B1 (en) * 2000-06-21 2006-02-14 Microsoft Corporation Network-based software extensions
US7107482B2 (en) * 2001-03-05 2006-09-12 Omron Corporation Program update apparatus and method
US7146640B2 (en) * 2002-09-05 2006-12-05 Exobox Technologies Corp. Personal computer internet security system

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6543004B1 (en) * 1999-07-29 2003-04-01 Hewlett-Packard Development Company, L.P. Method and apparatus for archiving and restoring data
US6473771B1 (en) * 2000-03-27 2002-10-29 Microsoft Corporation Method of integrating application programs to form or modify suite, and a suite integration toolkit to perform same
US6698018B1 (en) * 2000-05-10 2004-02-24 Microsoft Corporation System and method of multiple-stage installation of a suite of applications
US7000230B1 (en) * 2000-06-21 2006-02-14 Microsoft Corporation Network-based software extensions
US6934881B2 (en) * 2000-10-06 2005-08-23 Hewlett-Packard Development Company, L.P. Memory including portion storing a copy of primary operating system and method of operating computer including the memory
US20020069353A1 (en) * 2000-12-01 2002-06-06 Smith R. Doug Automated device driver installation
US7107482B2 (en) * 2001-03-05 2006-09-12 Omron Corporation Program update apparatus and method
US20040034849A1 (en) * 2002-06-17 2004-02-19 Microsoft Corporation Volume image views and methods of creating volume images in which a file similar to a base file is stored as a patch of the base file
US20040034848A1 (en) * 2002-08-09 2004-02-19 Eric Moore Rule engine
US7146640B2 (en) * 2002-09-05 2006-12-05 Exobox Technologies Corp. Personal computer internet security system

Cited By (97)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060069755A1 (en) * 2004-08-31 2006-03-30 Luosheng Peng Maintaining mobile device electronic files
US7516451B2 (en) * 2004-08-31 2009-04-07 Innopath Software, Inc. Maintaining mobile device electronic files including using difference files when upgrading
US20140020104A1 (en) * 2005-05-16 2014-01-16 Microsoft Corporation System and Method of Opportunistically Protecting a Computer from Malware
US20070143844A1 (en) * 2005-09-02 2007-06-21 Richardson Ric B Method and apparatus for detection of tampering attacks
US8087092B2 (en) 2005-09-02 2011-12-27 Uniloc Usa, Inc. Method and apparatus for detection of tampering attacks
CN100437420C (en) 2005-09-30 2008-11-26 联想(北京)有限公司 Computer system and its safety encryption
US7617214B2 (en) * 2006-01-31 2009-11-10 Dell Products L.P. Porting security application preferences from one system to another
US20070192322A1 (en) * 2006-01-31 2007-08-16 Dell Products L.P. Porting security application preferences from one system to another
US8284929B2 (en) 2006-09-14 2012-10-09 Uniloc Luxembourg S.A. System of dependant keys across multiple pieces of related scrambled information
US20080104573A1 (en) * 2006-10-25 2008-05-01 Microsoft Corporation Software build validation before check-in
US8776041B2 (en) * 2007-02-05 2014-07-08 Microsoft Corporation Updating a virtual machine monitor from a guest partition
US20080189697A1 (en) * 2007-02-05 2008-08-07 Microsoft Corporation Updating a virtual machine monitor from a guest partition
US7836442B2 (en) * 2007-03-15 2010-11-16 Lenovo (Singapore) Pte. Ltd. Out-of-band patch management system
US20080229301A1 (en) * 2007-03-15 2008-09-18 Locker Howard J Out-of-band patch management system
US7908662B2 (en) 2007-06-21 2011-03-15 Uniloc U.S.A., Inc. System and method for auditing software usage
US20080320607A1 (en) * 2007-06-21 2008-12-25 Uniloc Usa System and method for auditing software usage
US8671060B2 (en) * 2007-09-20 2014-03-11 Uniloc Luxembourg, S.A. Post-production preparation of an unprotected installation image for downloading as a protected software product
US20090083730A1 (en) * 2007-09-20 2009-03-26 Richardson Ric B Installing Protected Software Product Using Unprotected Installation Image
WO2009039504A1 (en) * 2007-09-20 2009-03-26 Uniloc Corporation Installing protected software product using unprotected installation image
US20120030668A1 (en) * 2007-09-20 2012-02-02 Uniloc Usa, Inc. Post-production preparation of an unprotected installation image for downloading as a protected software product
US8160962B2 (en) 2007-09-20 2012-04-17 Uniloc Luxembourg S.A. Installing protected software product using unprotected installation image
US8566960B2 (en) 2007-11-17 2013-10-22 Uniloc Luxembourg S.A. System and method for adjustable licensing of digital products
US20090150674A1 (en) * 2007-12-05 2009-06-11 Uniloc Corporation System and Method for Device Bound Public Key Infrastructure
US8464059B2 (en) 2007-12-05 2013-06-11 Netauthority, Inc. System and method for device bound public key infrastructure
US8374968B2 (en) 2008-02-22 2013-02-12 Uniloc Luxembourg S.A. License auditing for distributed applications
US20090217384A1 (en) * 2008-02-22 2009-08-27 Etchegoyen Craig S License Auditing for Distributed Applications
US20090217378A1 (en) * 2008-02-27 2009-08-27 Microsoft Corporation Boot Time Remediation of Malware
US8812701B2 (en) 2008-05-21 2014-08-19 Uniloc Luxembourg, S.A. Device and method for secured communication
US20090327070A1 (en) * 2008-06-25 2009-12-31 Uniloc Usa, Inc. System and Method for Monitoring Efficacy of Online Advertising
US8838976B2 (en) 2009-02-10 2014-09-16 Uniloc Luxembourg S.A. Web content access using a client device identifier
US20100257214A1 (en) * 2009-03-18 2010-10-07 Luc Bessette Medical records system with dynamic avatar generator and avatar viewer
US8103553B2 (en) 2009-06-06 2012-01-24 Bullock Roddy Mckee Method for making money on internet news sites and blogs
US20100312702A1 (en) * 2009-06-06 2010-12-09 Bullock Roddy M System and method for making money by facilitating easy online payment
US20110082757A1 (en) * 2009-06-06 2011-04-07 Bullock Roddy Mckee Method for making money on internet news sites and blogs
US9047458B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Network access protection
US20100325431A1 (en) * 2009-06-19 2010-12-23 Joseph Martin Mordetsky Feature-Specific Keys for Executable Code
US9633183B2 (en) 2009-06-19 2017-04-25 Uniloc Luxembourg S.A. Modular software protection
US9047450B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Identification of embedded system devices
US20100325446A1 (en) * 2009-06-19 2010-12-23 Joseph Martin Mordetsky Securing Executable Code Integrity Using Auto-Derivative Key
US20100325424A1 (en) * 2009-06-19 2010-12-23 Etchegoyen Craig S System and Method for Secured Communications
US8423473B2 (en) 2009-06-19 2013-04-16 Uniloc Luxembourg S. A. Systems and methods for game activation
US20100325051A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Piracy Reduction in Software Activation
US20100325149A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Auditing Software Usage
US20100325025A1 (en) * 2009-06-22 2010-12-23 Etchegoyen Craig S System and Method for Sharing Media
US20100325735A1 (en) * 2009-06-22 2010-12-23 Etchegoyen Craig S System and Method for Software Activation
US20100324981A1 (en) * 2009-06-22 2010-12-23 Etchegoyen Craig S System and Method for Media Distribution on Social Networks
US8495359B2 (en) 2009-06-22 2013-07-23 NetAuthority System and method for securing an electronic communication
US20100325423A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Securing an Electronic Communication
US20100325200A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Software Activation Through Digital Media Fingerprinting
US20100324989A1 (en) * 2009-06-23 2010-12-23 Craig Stephen Etchegoyen System and Method for Monitoring Efficacy of Online Advertising
US20100325711A1 (en) * 2009-06-23 2010-12-23 Craig Stephen Etchegoyen System and Method for Content Delivery
US20100325040A1 (en) * 2009-06-23 2010-12-23 Craig Stephen Etchegoyen Device Authority for Authenticating a User of an Online Service
US8452960B2 (en) 2009-06-23 2013-05-28 Netauthority, Inc. System and method for content delivery
US20100321208A1 (en) * 2009-06-23 2010-12-23 Craig Stephen Etchegoyen System and Method for Emergency Communications
US8903653B2 (en) 2009-06-23 2014-12-02 Uniloc Luxembourg S.A. System and method for locating network nodes
US8736462B2 (en) 2009-06-23 2014-05-27 Uniloc Luxembourg, S.A. System and method for traffic information delivery
US20100332396A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Use of Fingerprint with an On-Line or Networked Auction
US20100333081A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Remote Update of Computers Based on Physical Device Recognition
US10068282B2 (en) 2009-06-24 2018-09-04 Uniloc 2017 Llc System and method for preventing multiple online purchases
US8239852B2 (en) 2009-06-24 2012-08-07 Uniloc Luxembourg S.A. Remote update of computers based on physical device recognition
US9129097B2 (en) 2009-06-24 2015-09-08 Uniloc Luxembourg S.A. Systems and methods for auditing software usage using a covert key
US20100332331A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Systems and Methods for Providing an Interface for Purchasing Ad Slots in an Executable Program
US20100333207A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Systems and Methods for Auditing Software Usage Using a Covert Key
US9075958B2 (en) 2009-06-24 2015-07-07 Uniloc Luxembourg S.A. Use of fingerprint with an on-line or networked auction
US20100332319A1 (en) * 2009-06-24 2010-12-30 Craig Stephen Etchegoyen Methods and Systems for Dynamic Serving of Advertisements in a Game or Virtual Reality Environment
US20100332267A1 (en) * 2009-06-24 2010-12-30 Craig Stephan Etchegoyen System and Method for Preventing Multiple Online Purchases
US8213907B2 (en) 2009-07-08 2012-07-03 Uniloc Luxembourg S. A. System and method for secured mobile communication
US20110009092A1 (en) * 2009-07-08 2011-01-13 Craig Stephen Etchegoyen System and Method for Secured Mobile Communication
US9141489B2 (en) 2009-07-09 2015-09-22 Uniloc Luxembourg S.A. Failover procedure for server system
US20110010560A1 (en) * 2009-07-09 2011-01-13 Craig Stephen Etchegoyen Failover Procedure for Server System
US8966026B2 (en) 2009-09-30 2015-02-24 Dell Products Lp Systems and methods for extension of server management functions
US20110078293A1 (en) * 2009-09-30 2011-03-31 Phung Hai T Systems and methods for extension of server management functions
US8510422B2 (en) 2009-09-30 2013-08-13 Dell Products L.P. Systems and methods for extension of server management functions
US8726407B2 (en) 2009-10-16 2014-05-13 Deviceauthority, Inc. Authentication of computing and communications hardware
US9082128B2 (en) 2009-10-19 2015-07-14 Uniloc Luxembourg S.A. System and method for tracking and scoring user activities
US20110093474A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S System and Method for Tracking and Scoring User Activities
US20110093503A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S Computer Hardware Identity Tracking Using Characteristic Parameter-Derived Data
US20110093920A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S System and Method for Device Authentication with Built-In Tolerance
US20110093701A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S Software Signature Tracking
US8316421B2 (en) 2009-10-19 2012-11-20 Uniloc Luxembourg S.A. System and method for device authentication with built-in tolerance
US8769296B2 (en) 2009-10-19 2014-07-01 Uniloc Luxembourg, S.A. Software signature tracking
US20110150315A1 (en) * 2009-12-17 2011-06-23 Bendixen Rudolf V Replacement of Build to Order Parts with Post Configured Images in any Manufacturing Environment
US8385626B2 (en) * 2009-12-17 2013-02-26 Dell Products L.P. Replacement of build to order parts with post configured images in any manufacturing environment
US8832369B2 (en) 2010-10-27 2014-09-09 Dell Products, Lp Systems and methods for remote raid configuration in an embedded environment
US8438394B2 (en) 2011-01-14 2013-05-07 Netauthority, Inc. Device-bound certificate authentication
US9354987B2 (en) 2012-02-03 2016-05-31 Dell Products Lp Systems and methods for out-of-band backup and restore of hardware profile information
US9146812B2 (en) 2012-02-03 2015-09-29 Dell Products Lp Systems and methods for out-of-band backup and restore of hardware profile information
US9081747B1 (en) 2012-03-06 2015-07-14 Big Bang Llc Computer program deployment to one or more target devices
US20130268743A1 (en) * 2012-03-30 2013-10-10 Lenovo (Singapore) Pte. Ltd. Methods for customizing an operating system at an information handling device
US20130263105A1 (en) * 2012-03-30 2013-10-03 Lenovo (Singapore) Pte. Ltd. Methods for facilitating updates at an information handling device
US9182970B2 (en) 2012-03-30 2015-11-10 Lenovo (Singapore) Pte. Ltd. Methods for creating device preload via manufacturing and cloud content
US9934044B2 (en) * 2012-03-30 2018-04-03 Lenovo (Singapore) Pte. Ltd. Methods for customizing an operating system at an information handling device
US8935688B2 (en) * 2012-03-30 2015-01-13 Lenovo (Singapore) Pte. Ltd. Methods for facilitating updates at an information handling device
US8838848B2 (en) 2012-09-14 2014-09-16 Dell Products Lp Systems and methods for intelligent system profile unique data management
US20140337985A1 (en) * 2013-05-08 2014-11-13 Jorge Enrique Muyshondt Security in Digital Manufacturing Systems
US10200345B2 (en) 2013-10-29 2019-02-05 Uniloc 2017 Llc Electronic mail sender verification
US10242198B2 (en) 2015-12-03 2019-03-26 Garrison Technology Ltd Secure booting of a computing system based on write request and power-up management

Similar Documents

Publication Publication Date Title
US9038062B2 (en) Registering and accessing virtual systems for use in a managed system
US8832691B2 (en) Compliance-based adaptations in managed virtual systems
US8839246B2 (en) Automatic optimization for virtual systems
US7376970B2 (en) System and method for proactive computer virus protection
US8938782B2 (en) Systems and methods for providing network access control in virtual environments
Wei et al. Managing security of virtual machine images in a cloud environment
JP5095717B2 (en) How to Install the reduced operating system image on a destination medium, system, program, and computer-readable medium having instructions for implementing the method
US9015703B2 (en) Enforcement of compliance policies in managed virtual systems
CA2465880C (en) Operating system abstraction and protection layer
AU2005201407B2 (en) Efficient patching
KR101231410B1 (en) Automatic detection and patching of vulnerable files
US8621620B2 (en) System and method for protecting and securing storage devices using below-operating system trapping
US8973144B2 (en) System and method for kernel rootkit protection in a hypervisor environment
US8528087B2 (en) Methods for combating malicious software
US5944821A (en) Secure software registration and integrity assessment in a computer system
US7512977B2 (en) Intrustion protection system utilizing layers
US7401230B2 (en) Secure virtual machine monitor to tear down a secure execution environment
US7549164B2 (en) Intrustion protection system utilizing layers and triggers
EP2084605B1 (en) Control and management of virtual systems
JP6370747B2 (en) System and method for virtual machine monitor-based anti-malware security
US20080134178A1 (en) Control and management of virtual systems
US20140082621A1 (en) Automatic optimization for virtual systems
US7191464B2 (en) Method and system for tracking a secure boot in a trusted computing environment
US6434744B1 (en) System and method for patching an installed application program
US9846588B2 (en) On-demand disposable virtual work system

Legal Events

Date Code Title Description
AS Assignment

Owner name: DELL PRODUCTS L.P., TEXAS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ZIEGLER, JEREMY R.;ZABAVA, BRUCE A.;REEL/FRAME:014942/0340

Effective date: 20040128

STCB Information on status: application discontinuation

Free format text: ABANDONED -- AFTER EXAMINER'S ANSWER OR BOARD OF APPEALS DECISION